🛒

Understanding eBay API and OAuth Process

Aug 1, 2024

eBay API Overview

Introduction to eBay API

  • Requires OAuth token to access eBay API.
  • Two types of tokens needed:
    • Application Token
    • User Access Token

eBay Developer Portal

  • Logged into eBay Developer account.
  • Key components in Developer Page:
    1. Application Key Set
    2. User Access Token
    3. Notifications

Application Key Set

  • Contains two sets of application credentials:
    • Sandbox environment
    • Production environment
  • Important credentials:
    • App ID (Client ID)
    • Dev ID
    • App Secret

User Access Tokens

  • User access token page shows:
    • Application name
    • Chosen environment
    • App ID (Client ID)

OAuth Process

Redirect URL

  • Important for user sign-in and permissions.
  • Should be HTTPS.
  • Can leave some fields blank to use default eBay pages.

Authorization Types

  • Authorization: For single-user apps (e.g., sellers listing products).
  • OAuth Signing: Generally for traditional APIs.

Scope Parameters

  • Defines permissions required from the user.
  • Common scopes include:
    • Inventory management
    • Order fulfillment
  • They must be specified for proper API access.

Testing Sign-in

  • Sign-in page for users to authorize the application.
  • Users need to grant permissions based on defined scopes.

Configuration and Coding Steps

Config.json File

  • Store all credentials like Client ID, Client Secret, Redirect URI, etc.

Getting User Consent

  • Create custom login URL for eBay.
  • User logs in and grants permissions, receiving an Authorization Code.

Exchange Authorization Code for User Access Token

  1. Target endpoint and HTTP query parameters are defined.
  2. The authorization code received is used to request a user access token.
  3. Include necessary headers and request payload:
    • Grant Type
    • Redirect URI
    • Authorization Code

Important Notes

  • Expiration: Authorization Code must be used within a limited time (often 5 minutes).
  • Access Token is confidential and typically lasts 1 hour, with a refresh token lasting much longer.

Conclusion

  • Successfully obtained user access token can now be used to make API requests to eBay.

Full transcript